通过在项目中自定义一个Filter过滤器实现修复反射型xss漏洞,具体方法如下:package com.eastrobot.robotdev.filter;import javax.servlet.*;import javax.servle
通过在项目中自定义一个Filter过滤器实现修复反射型xss漏洞,具体方法如下:
package com.eastrobot.robotdev.filter;
import javax.servlet.*;
import javax.servlet.Http.httpservletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
public class XssFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse resp = (HttpServletResponse) response;
// 解决动态脚本获取网页cookie,将cookie设置成HttpOnly
String sessionId = req.getSession().getId();
resp.setHeader("SET-COOKIE", "jsESSIONID=" + sessionId + "; HttpOnly");
resp.setHeader("x-frame-options", "SAMEORIGIN");
chain.doFilter(new XsshttpServletRequestWrapper((HttpServletRequest) request), response);
}
@Override
public void destroy() {
}
}
--结束END--
本文标题: 怎么修复反射型xss漏洞
本文链接: https://www.lsjlt.com/news/114257.html(转载时请注明来源链接)
有问题或投稿请发送至: 邮箱/279061341@qq.com QQ/279061341
下载Word文档到电脑,方便收藏和打印~
2024-05-11
2024-05-11
2024-05-11
2024-05-11
2024-05-11
2024-05-11
2024-05-11
2024-05-11
2024-05-11
2024-05-11
回答
回答
回答
回答
回答
回答
回答
回答
回答
回答
0